<?PHP
  include "utility_functions.php";

  // Get user id and password
  $user_id = $_POST["user_id"];
  $password = $_POST["password"];

  // Lookup and verify the user id and password
  $sql = "select UserId, AFlag, SFlag, VFlag " .
         "from USER_ACCT " .
         "where UserId='$user_id'
          and Password='$password'";

  $result_array = execute_sql_in_oracle($sql);
  $result = $result_array["flag"];
  $cursor = $result_array["cursor"];

  if (!$result) {
    $login_error = "Server error. Please try again.";
    header("Location:index.php?login_error=$login_error");
  }
  else if(!($values = oci_fetch_array($cursor))) {
    $login_error = "Incorrect username and password combination";
    header("Location:index.php?login_error=$login_error");
  }
  else {
    $_SESSION['user_id'] = $values[0];
    $_SESSION['aflag'] = $values[1];
    $_SESSION['sflag'] = $values[2];
    $_SESSION['vflag'] = $values[3];
  
    oci_free_statement($cursor);

    // Create a new session id for this user
    if (!isset($_SESSION['session_id'])) {
      $_SESSION['session_id'] = md5(uniqid(rand()));
    }
  
    // Default, redirect to homepage
    header("Location:index.php");
  }
?>